diff options
Diffstat (limited to 'dev-db/postgresql/files/postgresql-13-openssl3.2.patch')
| -rw-r--r-- | dev-db/postgresql/files/postgresql-13-openssl3.2.patch | 172 |
1 files changed, 0 insertions, 172 deletions
diff --git a/dev-db/postgresql/files/postgresql-13-openssl3.2.patch b/dev-db/postgresql/files/postgresql-13-openssl3.2.patch deleted file mode 100644 index fbb80a3ecb20..000000000000 --- a/dev-db/postgresql/files/postgresql-13-openssl3.2.patch +++ /dev/null @@ -1,172 +0,0 @@ -commit dc8936b9dba79c80aaba8e7232434fb200e95725 -Author: Tom Lane <tgl@sss.pgh.pa.us> -Date: Tue Nov 28 12:34:03 2023 -0500 - - Use BIO_{get,set}_app_data instead of BIO_{get,set}_data. - - We should have done it this way all along, but we accidentally got - away with using the wrong BIO field up until OpenSSL 3.2. There, - the library's BIO routines that we rely on use the "data" field - for their own purposes, and our conflicting use causes assorted - weird behaviors up to and including core dumps when SSL connections - are attempted. Switch to using the approved field for the purpose, - i.e. app_data. - - While at it, remove our configure probes for BIO_get_data as well - as the fallback implementation. BIO_{get,set}_app_data have been - there since long before any OpenSSL version that we still support, - even in the back branches. - - Also, update src/test/ssl/t/001_ssltests.pl to allow for a minor - change in an error message spelling that evidently came in with 3.2. - - Tristan Partin and Bo Andreson. Back-patch to all supported branches. - - Discussion: https://postgr.es/m/CAN55FZ1eDDYsYaL7mv+oSLUij2h_u6hvD4Qmv-7PK7jkji0uyQ@mail.gmail.com - -diff --git a/configure b/configure -index 2fc7dca504..b7caf88229 100755 ---- a/configure -+++ b/configure -@@ -12713,7 +12713,7 @@ done - # defines OPENSSL_VERSION_NUMBER to claim version 2.0.0, even though it - # doesn't have these OpenSSL 1.1.0 functions. So check for individual - # functions. -- for ac_func in OPENSSL_init_ssl BIO_get_data BIO_meth_new ASN1_STRING_get0_data -+ for ac_func in OPENSSL_init_ssl BIO_meth_new ASN1_STRING_get0_data - do : - as_ac_var=`$as_echo "ac_cv_func_$ac_func" | $as_tr_sh` - ac_fn_c_check_func "$LINENO" "$ac_func" "$as_ac_var" -diff --git a/configure.in b/configure.in -index eaca132607..9aec28c8d1 100644 ---- a/configure.in -+++ b/configure.in -@@ -1275,7 +1275,7 @@ if test "$with_openssl" = yes ; then - # defines OPENSSL_VERSION_NUMBER to claim version 2.0.0, even though it - # doesn't have these OpenSSL 1.1.0 functions. So check for individual - # functions. -- AC_CHECK_FUNCS([OPENSSL_init_ssl BIO_get_data BIO_meth_new ASN1_STRING_get0_data]) -+ AC_CHECK_FUNCS([OPENSSL_init_ssl BIO_meth_new ASN1_STRING_get0_data]) - # OpenSSL versions before 1.1.0 required setting callback functions, for - # thread-safety. In 1.1.0, it's no longer required, and CRYPTO_lock() - # function was removed. -diff --git a/src/backend/libpq/be-secure-openssl.c b/src/backend/libpq/be-secure-openssl.c -index 55fe59276a..9e22911379 100644 ---- a/src/backend/libpq/be-secure-openssl.c -+++ b/src/backend/libpq/be-secure-openssl.c -@@ -748,11 +748,6 @@ be_tls_write(Port *port, void *ptr, size_t len, int *waitfor) - * to retry; do we need to adopt their logic for that? - */ - --#ifndef HAVE_BIO_GET_DATA --#define BIO_get_data(bio) (bio->ptr) --#define BIO_set_data(bio, data) (bio->ptr = data) --#endif -- - static BIO_METHOD *my_bio_methods = NULL; - - static int -@@ -762,7 +757,7 @@ my_sock_read(BIO *h, char *buf, int size) - - if (buf != NULL) - { -- res = secure_raw_read(((Port *) BIO_get_data(h)), buf, size); -+ res = secure_raw_read(((Port *) BIO_get_app_data(h)), buf, size); - BIO_clear_retry_flags(h); - if (res <= 0) - { -@@ -782,7 +777,7 @@ my_sock_write(BIO *h, const char *buf, int size) - { - int res = 0; - -- res = secure_raw_write(((Port *) BIO_get_data(h)), buf, size); -+ res = secure_raw_write(((Port *) BIO_get_app_data(h)), buf, size); - BIO_clear_retry_flags(h); - if (res <= 0) - { -@@ -858,7 +853,7 @@ my_SSL_set_fd(Port *port, int fd) - SSLerr(SSL_F_SSL_SET_FD, ERR_R_BUF_LIB); - goto err; - } -- BIO_set_data(bio, port); -+ BIO_set_app_data(bio, port); - - BIO_set_fd(bio, fd, BIO_NOCLOSE); - SSL_set_bio(port->ssl, bio, bio); -diff --git a/src/include/pg_config.h.in b/src/include/pg_config.h.in -index 13fc4e0db6..978e685c70 100644 ---- a/src/include/pg_config.h.in -+++ b/src/include/pg_config.h.in -@@ -86,9 +86,6 @@ - /* Define to 1 if you have the `backtrace_symbols' function. */ - #undef HAVE_BACKTRACE_SYMBOLS - --/* Define to 1 if you have the `BIO_get_data' function. */ --#undef HAVE_BIO_GET_DATA -- - /* Define to 1 if you have the `BIO_meth_new' function. */ - #undef HAVE_BIO_METH_NEW - -diff --git a/src/interfaces/libpq/fe-secure-openssl.c b/src/interfaces/libpq/fe-secure-openssl.c -index 07d5daf4d9..73b1720c4c 100644 ---- a/src/interfaces/libpq/fe-secure-openssl.c -+++ b/src/interfaces/libpq/fe-secure-openssl.c -@@ -1602,10 +1602,7 @@ PQsslAttribute(PGconn *conn, const char *attribute_name) - * to retry; do we need to adopt their logic for that? - */ - --#ifndef HAVE_BIO_GET_DATA --#define BIO_get_data(bio) (bio->ptr) --#define BIO_set_data(bio, data) (bio->ptr = data) --#endif -+/* protected by ssl_config_mutex */ - - static BIO_METHOD *my_bio_methods; - -@@ -1614,7 +1611,7 @@ my_sock_read(BIO *h, char *buf, int size) - { - int res; - -- res = pqsecure_raw_read((PGconn *) BIO_get_data(h), buf, size); -+ res = pqsecure_raw_read((PGconn *) BIO_get_app_data(h), buf, size); - BIO_clear_retry_flags(h); - if (res < 0) - { -@@ -1644,7 +1641,7 @@ my_sock_write(BIO *h, const char *buf, int size) - { - int res; - -- res = pqsecure_raw_write((PGconn *) BIO_get_data(h), buf, size); -+ res = pqsecure_raw_write((PGconn *) BIO_get_app_data(h), buf, size); - BIO_clear_retry_flags(h); - if (res < 0) - { -@@ -1735,7 +1732,7 @@ my_SSL_set_fd(PGconn *conn, int fd) - SSLerr(SSL_F_SSL_SET_FD, ERR_R_BUF_LIB); - goto err; - } -- BIO_set_data(bio, conn); -+ BIO_set_app_data(bio, conn); - - SSL_set_bio(conn->ssl, bio, bio); - BIO_set_fd(bio, fd, BIO_NOCLOSE); -diff --git a/src/tools/msvc/Solution.pm b/src/tools/msvc/Solution.pm -index 78328e1fac..e88e3967cd 100644 ---- a/src/tools/msvc/Solution.pm -+++ b/src/tools/msvc/Solution.pm -@@ -226,7 +226,6 @@ sub GenerateFiles - HAVE_ATOMICS => 1, - HAVE_ATOMIC_H => undef, - HAVE_BACKTRACE_SYMBOLS => undef, -- HAVE_BIO_GET_DATA => undef, - HAVE_BIO_METH_NEW => undef, - HAVE_CLOCK_GETTIME => undef, - HAVE_COMPUTED_GOTO => undef, -@@ -543,7 +542,6 @@ sub GenerateFiles - || ($digit1 >= '1' && $digit2 >= '1' && $digit3 >= '0')) - { - $define{HAVE_ASN1_STRING_GET0_DATA} = 1; -- $define{HAVE_BIO_GET_DATA} = 1; - $define{HAVE_BIO_METH_NEW} = 1; - $define{HAVE_OPENSSL_INIT_SSL} = 1; - } |